Paper 2016/807
Multilateral White-Box Cryptanalysis: Case study on WB-AES of CHES Challenge 2016
Hyunjin Ahn and Dong-Guk Han
Abstract
The security requirement of white-box cryptography (WBC) is that it should protect the secret key from a white-box security model that permits an adversary who is able to entirely control the execution of the cryptographic algorithm and its environment. It has already been demonstrated that most of the WBCs are vulnerable to algebraic attacks from a white-box security perspective. Recently, a new differential computation analysis (DCA) attack has been proposed that thwarts the white-box implementation of block cipher AES (WB-AES) by monitoring the memory information accessed during the execution of the algorithm. Although the attack requires the ability to estimate the internal information of the memory pattern, it retrieves the secret key after a few attempts. In addition, it is proposed that the hardware implementation of WB-AES is vulnerable to differential power analysis (DPA) attack. In this paper, we propose a DPA-based attack that directly exploits the intermediate values of WB-AES computation without needing to utilize memory data. We also demonstrate its practicability with respect to public software implementation of WB-AES. Additionally, we investigate the vulnerability of our target primitive to DPA by acquiring actual power consumption traces of software implementation.
Metadata
- Publication info
- Preprint. MINOR revision.
- Keywords
- White-Box Cryptanalysis, Side-Channel Attack, Software Implementation
- Contact author(s)
- christa @ kookmin ac kr
- ahz012 @ kookmin ac kr
- History
- 2016-09-02: revised
- 2016-08-25: received
- Short URL
- https://ia.cr/2016/807
- License
- CC BY
BibTeX
@misc{cryptoeprint:2016/807,
      author = {Hyunjin Ahn and Dong-Guk Han},
      title = {Multilateral White-Box Cryptanalysis: Case study on {WB}-{AES} of {CHES} Challenge 2016},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/807},
      year = {2016},
      url = {https://eprint.iacr.org/2016/807}
}